2017-09-12 07:16:51

by Mira Ressel

[permalink] [raw]
Subject: [refpolicy] [PATCH] libraries: Dont audit attempts of ldconfig to write to portage ptys

This is a preparation for transitioning portage's invocations of
ldconfig to ldconfig_t.
---
policy/modules/system/libraries.te | 4 ++++
1 file changed, 4 insertions(+)

diff --git a/policy/modules/system/libraries.te b/policy/modules/system/libraries.te
index a24c67967..cb2052c1f 100644
--- a/policy/modules/system/libraries.te
+++ b/policy/modules/system/libraries.te
@@ -131,6 +131,10 @@ optional_policy(`
apt_use_ptys(ldconfig_t)
')

+optional_policy(`
+ portage_dontaudit_use_ptys(ldconfig_t)
+')
+
optional_policy(`
puppet_rw_tmp(ldconfig_t)
')
--
2.14.1